24 Mar 2020

Fake Coronavirus ‘Vaccine’ Website Busted in DoJ Takedown

The Department of Justice has been cracking down on malicious websites using the current pandemic to lure victims. Most recently, the DoJ has taken down a website that claimed to give out coronavirus vaccine kits but rather stole victims’ payment card and personal information. This shutdown marks the first federal

Read More
24 Mar 2020

White House pushes for more telework as first DOD contractor dies because of COVID-19

The White House has announced that government agencies must utilize technology to support teleworking capabilities after COVID-19 took its first victim from the Pentagon. The memo, which was issued by the Office of Management and Budget (OMB), states that agencies should be taking steps to ensure that employees can work

Read More
23 Mar 2020

Hackers breach FSB contractor and leak details about IoT hacking project

Digital Revolution, a Russian hacker group, has allegedly breached a contractor for the FSB. The FSB is Russia’s national intelligence service, and the hacking group claims to have obtained details about a project intended for hacking IoT devices. This week, the group published 12 technical documents, diagrams and code fragments

Read More
23 Mar 2020

200M Records of US Citizens Leaked in Unprotected Database

CyberNews, a Lithuanian research group, has discovered an unprotected database that holds 200 million detailed user records. The owner of the database remains unknown, however, the leaked profiles seem to be US users and contain individuals’ full names and titles, email addresses, phone numbers, birthdates, credit ratings, home and mortgage

Read More
23 Mar 2020

Russian APT28 Group Changes Tack to Probe Email Servers

Russian threat actor group APT28 has recently been probing email servers, scanning for vulnerable email, Microsoft SQL Servers and Directory servers, changing its tactics from its previous attacks. The APT group is responsible for some major cybercrime campaigns over the past few years, including stealing information from the Democratic National

Read More
20 Mar 2020

A Perfect Storm forms as COVID-19 Meets Cyberspace

On Sunday, the US Department of Health and Human Services was hit by a cyber attack intended to disrupt its response to the COVID-19 virus. The ‘disruption and disinformation’ attack has illustrated an intent to target a renewed dependency on IT systems during this pandemic. Businesses, universities, and governments around the world are rapidly deploying remote capabilities to allow work from home during self-isolation to flatten the curve. This solution however, has hyperextended existing IT infrastructure and while defenders struggle to adapt to this new perimeter, adversaries are sure to discover more points of impact.

Read More
20 Mar 2020

Identifying Critical Infrastructure During COVID-19

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) published a detailed guide on how to identify critical infrastructure during the pandemic. The publication states that functioning critical infrastructure is paramount to effectively responding to the COVID-19 outbreak for health and safety reasons. The DHS states that specific

Read More
20 Mar 2020

WHO Chief Impersonated in Phishing to Deliver HawkEye Malware

A new and continuing phishing campaign is posing as the Director-General of the World Health Organization (WHO) and is spreading malware known as HawkEye to victims’ devices. According to IBM X-Force Threat Intelligence researchers, the campaign started on Thursday, the same day it was discovered after the researchers found several

Read More
20 Mar 2020

Misconfigured Elasticsearch Instance Exposes More Than 5 Billion Records

An open Elasticsearch incident has reportedly exposed more than 5 billion records from 2012 to March 16, when the breach was discovered. The data in two of the collections is information on data breaches collected by a UK research firm over the course of the same time period. The data

Read More
20 Mar 2020

US, Israel, South Korea, and China look at intrusive surveillance solutions for tracking COVID-19

Four governments, China, South Korea, the US, and Israel, have been looking at implementing intrusive surveillance systems to track the spread of COVID-19. China and South Korea have already put into action an extensive citizen tracking system, while the US and Israel are exploring similar surveillance measures. China is the

Read More